Get Ahead of New Data Privacy Laws With a Data Governance Program

Download eBook

If you’re in charge of data in your company today, you know your job is getting more complex by the day. With new regulations like the EU’s GDPR, China’s Cyber-Security Law, and the California Consumer Privacy Act, organizations are facing pressure to quickly adjust and navigate through stricter data regulations.

More data, more intel, more business. Or that was once the story.

The responsibilities around how data is obtained, processed, managed, used, shared, and safeguarded are becoming ever more complex – with new laws popping up locally, regionally, and nationally – in efforts to protect individual privacy.

In our new eBook Data Governance is Mission Critical (see below), you can learn from Dun & Bradstreet's data governance best practice approach as you review the current state of your Enterprise Data Governance (EDG) program or implement a new one.

What is Data Governance?

With more and more data being extracted every instant – through machine learning (ML) and the internet of things (IoT) – it’s difficult for an organization (or the data users) to keep track.

Data misuse happens. User paranoia grows. It becomes front-page news. And organizations learn the hard way that we need to do more. But what?

Many organizations we talk to today struggle to:

  • Know what data they should collect
  • See where the data’s coming from and know if it’s trustworthy
  • Confidently make decisions to grow the business using data – without fear of the unknown
  • Understand when laws and regulations change at local, regional, and global scales
  • Know which data can or cannot be used for specific business cases in different regions
  • Create the teams necessary to build a solid governance foundation that scales and stays compliant – and to keep everything running smoothly within the organization

The need for stable, scalable data governance programs is here, and it’s growing.

 

How Do You Know You Need a Data Governance Program?

Companies realize they need to move faster to adjust and comply than what their internal teams can handle.

But the problem is, there are still a lot of people who don’t know how to use data; who don’t know how to sort it, clean it, and store it; and who don’t know what data to trust.

A good data governance program helps with all of this – instilling confidence in the data used in order to make business decisions confidently.

What Makes a Good Data Governance Program?

There’s often the perception that data governance will result in increased bureaucracy, with little to no return on value.

A good data governance framework will start with the goals of the business – and consider the challenges of today. Then it would be used to attack those challenges head-on based on the business goals.

From there, the team – which should include a data steward – would manage the volume, variety, sourcing, security, and quality of data to solve for these business challenges and measure progress.

“A common misconception of data governance is that it’s a ‘policing’ function. It isn’t. In fact, it’s quite the opposite,” says Kevin Shannon, Global Head of Enterprise Data & Analytics Governance at Dun & Bradstreet, home to the Dun & Bradstreet Data Cloud, largest commercial database in the world. “We do keep track of laws that could impact customers. It’s quite a big challenge to handle both the velocity and variety of data we have, while maintaining our view across the globe.”

What’s the Biggest Mistake People Make When Building a Data Governance Program?

They start by producing policies. And then enforce those policies.

“Don’t take the textbook approach, where you just take each step,” Shannon said. “What’s typically missing there is understanding how the company itself works. And what the challenges are. And how you create a culture of aligning on regulations.”

“Where [the program builders] lose credibility is in the conversations with the people who are doing the ‘real work.’ … there [should be] no ivory towers.”

How Do You Build a Strong Data Governance Program?

Begin by looking at the culture.

1. How does the company work?

2. What are its challenges?

“What we do, and what I advise anybody to do, is before you start thinking about policies, spend the time with teams to understand what they do,” Shannon said. “Talk about what the regulations are or what the laws are in a particular locale or region, and together come to a place where folks can agree upon the right policy for the company that doesn’t interfere with their ability to do business.”

The big reward here is when people can go on the path of finding the answers to their questions on customer data, marketing data, transactional data, and other important data types. Finding the right strategy not only protects the company, but it unlocks much more value from the data the company owns.

Well-governed and well-understood data makes the difference when it comes to meeting business needs faster and with greater reliability of outcomes.

How Do You Measure the Progress of a Data Governance Program?

After defining policies and putting data stewards in place to action them, businesses need a way to measure its efficacy. This is where metrics come into play. We here at Dun & Bradstreet follow a proven methodology called Goal-Question-Metric, or GQM.

Here are the steps of the approach:

1. Goal: It always starts with a clear vision

The first step is to understand and agree on the data quality improvement goals for the company. What are you trying to achieve? Measurement for measurement’s sake is pointless until success is clearly defined and agreed upon.

2. Question: Determine what questions need to be answered based on your goals

What are the most important factors that contribute to this vision of success? What processes have an impact on these goals? How do you identify what to measure and continually optimize in each process, based on your goals?

3. Metric: Define the metrics that answer the questions

No program should attempt to measure everything. Instead, prioritize what’s important based on your goals. Impact on the business and measurement of quality are examples of what to track—and to use to prioritize data improvement plans.

A good metric is specific, clearly defined, and tied to a clear goal.

Examples of common metrics data governance programs include are:

  • Improvement in data quality scores by percentage. This would measure the data in the following categories:
    • Accuracy
    • Completeness
    • Consistency
    • Timeliness
  • Adherence to data management standards and processes ensures the policies set forth in the company are followed, the correct levels of access are given to employees, and that these rules are clear, enforced, and followed.
  • Reduction in risk events. A risk event could be a financial loss caused by inaccurate reporting, or a penalty or fine due to noncompliance. If the number of these events are decreasing in the organization, it could be a sign that the governance efforts are effective.

Get the Guide

Download the eBook, Data Governance is Mission Critical, to learn how you can gain deeper control over your data, understand where it’s sourced, and monitor and use the data successfully while staying compliant.

Download eBook